Displaying 20 results from an estimated 41 matches for "tlsciphersuit".
Did you mean:
tlsciphersuite
2017 Mar 18
2
Dovecot can't connect to openldap over starttls
The serverlog of openldap with loglevel "any":
https://gwarband.de/openldap/openldap-connect.log
Note: openldap waits 1 Minute before he says "TLS negotiation failure"
after the connect.
and dovecot says direct "Connect error"
I've also delete the TLSCipherSuite from openldap.
Tobias
Am 2017-03-18 14:01, schrieb Tomas Habarta:
> Increase log level on server side as well to see what the server
> says...
> You may remove anything in TLSCipherSuite for the purpose of testing
> too.
>
> Hopefully anyone knowing OpenLDAP internals could...
2017 Mar 20
2
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
I have also tested with 2.2.28 and this version has the same issue.
The finding of compatible ciphers is not the problem because I have
uncommented the ldap entrys:
TLSCipherSuite
SECURE128:-ARCFOUR-128:-CAMELLIA-128-CBC:-3DES-CBC:-CAMELLIA-128-GCM
TLSProtocolMin 3.1
Maybe you have further ideas.
Am 2017-03-20 17:42, schrieb Aki Tuomi:
>> On March 20, 2017 at 5:28 PM info at gwarband.de wrote:
>>
>>
>> Can sombody say something...
2007 Mar 05
1
LDAP + SSL
Hi everybody
I have setting my ldap server. But I created an certificate with the
following command:
cd /usr/share/ssl/certs; make ldap.pem
Then edit slapd.conf file a insert the following lines:
TLSCipherSuite HIGH:MEDIUM:+SSLv2
TLSCACertificateFile /usr/share/ssl/certs/ldap.pem
TLSCertificateFile /usr/share/ssl/certs/ldap.pem
TLSCertificateKeyFile /usr/share/ssl/certs/ldap.pem
I restart the service. Then, I run the comando authconfig and I select ldap
with tls. I review the logs ldap server a thrown th...
2017 Mar 20
2
Dovecot can't connect to openldap over starttls
...ny":
>> https://gwarband.de/openldap/openldap-connect.log
>> Note: openldap waits 1 Minute before he says "TLS negotiation
>> failure"
>> after the connect.
>> and dovecot says direct "Connect error"
>>
>> I've also delete the TLSCipherSuite from openldap.
>>
>> Tobias
>>
>> Am 2017-03-18 14:01, schrieb Tomas Habarta:
>>> Increase log level on server side as well to see what the server
>>> says...
>>> You may remove anything in TLSCipherSuite for the purpose of testing
>>>...
2017 Mar 20
2
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
...t;
>> On March 20, 2017 at 8:14 PM info at gwarband.de wrote:
>>
>>
>> I have also tested with 2.2.28 and this version has the same issue.
>>
>> The finding of compatible ciphers is not the problem because I have
>> uncommented the ldap entrys:
>> TLSCipherSuite
>> SECURE128:-ARCFOUR-128:-CAMELLIA-128-CBC:-3DES-CBC:-CAMELLIA-128-GCM
>> TLSProtocolMin 3.1
>>
>> Maybe you have further ideas.
>>
>> Am 2017-03-20 17:42, schrieb Aki Tuomi:
>>>> On March 20, 2017 at 5:28 PM info at gwarband.de wrote:
&g...
2006 Oct 09
1
SAMBA + LDAP + TLS
...problem is that I coudl not make it work, here I what I've done.
This is what netstat shows.
tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:636 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:389 127.0.0.1:1873 ESTABLISHED
tcp 0 0 :::389 :::* LISTEN
tcp 0 0 :::636 :::* LISTEN
in slapd.conf i have
TLSCipherSuite HIGH:MEDIUM:+SSLv3
TLSCertificateFile /usr/local/etc/openldap/ssl/server.crt
TLSCertificateKeyFile /usr/local/etc/openldap/ssl/server.key
VerifyClient demand
I created the certificate like this:
openssl genrsa 2048 -out > server.key
openssl req -new -key server.key -out server.csr
openssl req...
2017 Mar 20
0
Dovecot can't connect to openldap over starttls
...of openldap with loglevel "any":
> https://gwarband.de/openldap/openldap-connect.log
> Note: openldap waits 1 Minute before he says "TLS negotiation failure"
> after the connect.
> and dovecot says direct "Connect error"
>
> I've also delete the TLSCipherSuite from openldap.
>
> Tobias
>
> Am 2017-03-18 14:01, schrieb Tomas Habarta:
>> Increase log level on server side as well to see what the server says...
>> You may remove anything in TLSCipherSuite for the purpose of testing too.
>>
>> Hopefully anyone knowing Op...
2017 Mar 20
2
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
...nd.de wrote:
>>>>
>>>>
>>>> I have also tested with 2.2.28 and this version has the same issue.
>>>>
>>>> The finding of compatible ciphers is not the problem because I have
>>>> uncommented the ldap entrys:
>>>> TLSCipherSuite
>>>> SECURE128:-ARCFOUR-128:-CAMELLIA-128-CBC:-3DES-CBC:-CAMELLIA-128-GCM
>>>> TLSProtocolMin 3.1
>>>>
>>>> Maybe you have further ideas.
>>>>
>>>> Am 2017-03-20 17:42, schrieb Aki Tuomi:
>>>>>> On...
2017 Mar 18
2
Dovecot can't connect to openldap over starttls
I've replicate the settings from ldapsearch to dovecot but no success.
To the certificate:
Yes it's a *.crt file but I have linked the *.pem file to it and
dovecot has read access to that file.
I have enabled the debugging in dovecot and have uploaded the output:
https://gwarband.de/openldap/dovecot-connect.log
And the other site with ldapsearch:
2017 Mar 20
0
Dovecot can't connect to openldap over starttls
...;>> https://gwarband.de/openldap/openldap-connect.log
>>> Note: openldap waits 1 Minute before he says "TLS negotiation failure"
>>> after the connect.
>>> and dovecot says direct "Connect error"
>>>
>>> I've also delete the TLSCipherSuite from openldap.
>>>
>>> Tobias
>>>
>>> Am 2017-03-18 14:01, schrieb Tomas Habarta:
>>>> Increase log level on server side as well to see what the server
>>>> says...
>>>> You may remove anything in TLSCipherSuite for the purpos...
2017 Mar 20
0
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
...complete, can you try again?
Aki
> On March 20, 2017 at 8:14 PM info at gwarband.de wrote:
>
>
> I have also tested with 2.2.28 and this version has the same issue.
>
> The finding of compatible ciphers is not the problem because I have
> uncommented the ldap entrys:
> TLSCipherSuite
> SECURE128:-ARCFOUR-128:-CAMELLIA-128-CBC:-3DES-CBC:-CAMELLIA-128-GCM
> TLSProtocolMin 3.1
>
> Maybe you have further ideas.
>
> Am 2017-03-20 17:42, schrieb Aki Tuomi:
> >> On March 20, 2017 at 5:28 PM info at gwarband.de wrote:
> >>
>...
2017 Mar 20
0
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
...:14 PM info at gwarband.de wrote:
> >>
> >>
> >> I have also tested with 2.2.28 and this version has the same issue.
> >>
> >> The finding of compatible ciphers is not the problem because I have
> >> uncommented the ldap entrys:
> >> TLSCipherSuite
> >> SECURE128:-ARCFOUR-128:-CAMELLIA-128-CBC:-3DES-CBC:-CAMELLIA-128-GCM
> >> TLSProtocolMin 3.1
> >>
> >> Maybe you have further ideas.
> >>
> >> Am 2017-03-20 17:42, schrieb Aki Tuomi:
> >>>> On March 20, 2017 at 5:...
2003 Feb 18
1
problems with ldap tls
...ldap ssl = no working
thanx
Here my smb.conf:
ldap server = localhost
#ldap port = 389
ldap port = 636
ldap suffix = o=zolnott,dc=de
ldap admin dn = uid=ldaproot,o=zolnott,dc=de
ldap filter = (&(uid=%u)(objectclass=sambaAccount))
ldap ssl = start_tls
Here my slapd.conf:
TLSCipherSuite HIGH:MEDIUM:+SSLv2:RSA
TLSCertificateFile /etc/openldap/www.zolnott.de-ldap-crt.pem
TLSCertificateKeyFile /etc/openldap/www.zolnott.de-ldap-key-nopw.pem
Here my log.smbd:
[2003/02/18 01:40:12, 0] passdb/pdb_ldap.c:ldap_open_connection(182)
Failed to issue the StartTLS instruction: Can't co...
2008 Apr 01
2
openldap on Centos 5.1 with TLS
Hi, sorry for the stupid question,
but however i am following all howtos and tutorials it is not working
1) i have created CA certificate - /etc/pki/tls/misc/CA -newca
2) i have generated a new request - /etc/pki/tls/misc/CA -newreq
3) i have signed certificate /etc/pki/tls/misc/CA -signreq
SO i have CA in /etc/pki/CA
i have newkey.pem
i have newcert.pem
i have also cealrkey.pem (without
2017 Mar 21
0
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
...>>
>>>>>
>>>>> I have also tested with 2.2.28 and this version has the same issue.
>>>>>
>>>>> The finding of compatible ciphers is not the problem because I have
>>>>> uncommented the ldap entrys:
>>>>> TLSCipherSuite
>>>>> SECURE128:-ARCFOUR-128:-CAMELLIA-128-CBC:-3DES-CBC:-CAMELLIA-128-GCM
>>>>> TLSProtocolMin 3.1
>>>>>
>>>>> Maybe you have further ideas.
>>>>>
>>>>> Am 2017-03-20 17:42, schrieb Aki Tuomi:
>&...
2017 Mar 20
2
Dovecot can't connect to openldap over starttls [REQUEST OF OPENLDAP]
Can sombody say something about this request?
This is an email from the openldap-technical mailinglist from openldap.
Systemdetails are mention in the other email.
-------- Originalnachricht --------
Betreff: Re: Dovecot can't connect to openldap over starttls
Datum: 2017-03-20 16:18
Absender: Dan White <dwhite at cafedemocracy.org>
Empf?nger: info at gwarband.de
Kopie:
2010 Nov 25
1
can't use godaddy SSL cert
...3 Open source LDAP client implementation
with SASL2 support
openldap-sasl-server-2.4.23 Open source LDAP server implementation
I have setup the certificate chain in my slapd.conf like so:
[root at LBSD2:/usr/home/bluethundr]#grep -i tls
/usr/local/etc/openldap/slapd.conf## TLS options for slapd
TLSCipherSuite HIGH:MEDIUM:+SSLv2
TLSCertificateFile /usr/local/etc/openldap/cacerts/LBSD2.summitnjhome.com.crt
TLSCertificateKeyFile /usr/local/etc/openldap/cacerts/slapd.pem
TLSCACertificateFile /usr/local/etc/openldap/cacerts/sf_issuing.crt
I have tried each of the following certs with no luck in getting m...
2017 Mar 18
0
Dovecot can't connect to openldap over starttls
Increase log level on server side as well to see what the server says...
You may remove anything in TLSCipherSuite for the purpose of testing too.
Hopefully anyone knowing OpenLDAP internals could help you analyse it
more deeply.
Tomas
On 03/18/2017 01:31 PM, info at gwarband.de wrote:
> I've replicate the settings from ldapsearch to dovecot but no success.
> To the certificate:
> Yes it's...
2004 Jun 11
2
Samba 3.0.3 on FC2: windows machine cannot join domain
.../openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/samba.schema
allow bind_v2
passwd-hash {SSHA]
pidfile /var/run/slapd.pid
TLSCipherSuite HIGH:MEDIUM:+SSLv2
TLSCACertificateFile /var/ssl/cacert.pem
TLSCertificateFile /var/ssl/ldapcrt.pem
TLSCertificateKeyFile /var/ssl/ldapkey.pem
TLSVerifyClient 0
security ssf=1 update_ssf=112 simple_bind=64
access to dn=".*,dc=soil,dc=ncsu,dc=edu" attr=userPassword
by dn="c...
2009 Feb 18
1
samba can not contact the ldap server
...ateKeyFile /etc/ssl/ldapkey.pem
# privater Schluessel
# equivalent to TLS_CERT
TLSCACertificateFile /etc/ssl/demoCA/cacert.pem
# Certificate Authority
# this is equivalent to TLS_REQCERT
#TLSVerifyClient allow
#TLSVerifyClient try
#TLSVerifyClient demand
#Verfahrensweise
TLSCipherSuite HIGH:MEDIUM:+SSLv2
#######################################################################
# BDB database definitions
#######################################################################
database bdb
suffix "dc=redcor,dc=ch"
checkpoint 1024 5
cachesize 10000
ro...